Monday, December 13, 2010

Okay the story is like this: I have Windows, Ubuntu and MacOSX systems in my home and office and sometimes I backup or transfer files using a 8GB USB thumb drive (another way is to use Dropbox). This works perfectly fine until one day I met a 4.x GB file and OOPS! FAT32 filesystem does not allow a single file with that size! As a result, I tried to search for a mulit-platform supported filesystem which also supports large files. I tried NTFS. It works fine with Windows and Ubuntu but it can only be read from MacOSX, without write... When I was going to give up, a friend suggested this Lifehacker article to me (thanks again to my friend!). According to that article, I added NTFS write function to the MacOSX system and now my problem is solved~

Saturday, November 6, 2010

iOS SDK has its own NSThread (class reference here) class to handle thread operations, and using it is pretty simple:

In the above source, func_to_call is the function to be performed in the thread and parm_to_func (can be nil) is the parameter to be passed to func_to_call. If one would like to call functions in the main thread from child thread (probably you want to do this when the child thread is going to end and notifying the main thread is required), using the following:

In this line, func_in_main is the function to be called in main thread.

Thursday, October 14, 2010

Today my colleague told me that his 13" macbook pro (2009 ver.) cannot boot up with black screen. After taking a look, I found that it even gives out crazily annoying beep sound continuously (beep-beep-beep, halt, beep-beep-beep, halt, ......). I have not met that before and turned to Google for help. After some looking and trying (at some time I thought it is because a disc stuck in the drive), finally I found a few sources all point out that the 3-beep sound means "bad memory". The colleague then tried taking the two 1-GB RAM in and out to test and BINGO! The problem was caused by one single faulty RAM! So I will know what to do if any of my machine gives me that sound......

Update:One of my friends told me just now those beep sounds are called "beep code" and their meanings are dependent to different BIOS. A reference of Mac machines can be found here.Update: Another reference in Wikipedia.

Thursday, September 30, 2010

Bilinear Pairing over Composite Group

Given groups $\mathbb{G}$ and $\mathbb{G}_T$ of order $N=pq$ where $p,q$ are prime, and a bilinear pairing $e: \mathbb{G} \times \mathbb{G} \rightarrow \mathbb{G}_T$.

The subgroups of $\mathbb{G}$ with size $p,q$ are defined as $\mathbb{G}_p$ and $\mathbb{G}_q$. Let generator of $\mathbb{G}$ be $g$. The generators of $\mathbb{G}_p$ and $\mathbb{G}_q$ be $g_p$ and $g_q$ can be computed as $g_p = g^q \in \mathbb{G}_p$ and $g_q = g^p \in \mathbb{G}_q$

In addition to basic bilinear pairing properties, bilinear pairing over composite group holds some additional properties:

Tuesday, September 14, 2010

Attribute-based Broadcast Encryption (ABBE) makes use of Attribute-based Encryption scheme to implement broadcast encryption. In attribute-based encryption, a ciphertext is bundled with a data access policy (policy for short) which consists of a list of attributes connected by logic gates (typically AND and OR). Each user in the system possesses a list of attributes. To determine if a user is a legitimate decryptor of the ciphertext, the system compares his attributes with the policy. If the policy is satisfied, the user is able to decrypt the ciphertext.

Compared with conventional broadcast encryption, attribute-based encryption is like separating users into different groups and the access control (using policy) is enforced by manipulating access controls in those groups. If the number of attributes is much less than the total number of users in the system, ABBE has a big advantage on efficiency. However, it cannot enforce ad-hoc access control on every individual user like conventional broadcast encryption.

Hence, some proposed using each bit of user ID as attribute, which makes the total number of attributes becomes log N (assuming N users). This number is much smaller than the total number of users and it sounds promising. However, during my study I found two major problems in this scheme when the number of legitimate users grows large.

First, in order to get a small ciphertext size, the scheme uses Boolean algebra simplification algorithm. The idea is to first list all user IDs of legitimate users in a truth table, then applies the simplification algorithm to get a shorter Boolean algebra expression without altering its result, and this problem is NP-Hard. The two most famous algorithms for this task are Quine-McCluskey algorithm and Espresso heuristic logic minimizer. The complexity of them is yet to be found, but according to my preliminary testing, the running time (for just Boolean algebra simplification) can be much longer than running encryption of Boneh's broadcast encryption. A better simplification algorithm or a better implementation of it is required.

Second, the number of sum-of-product terms output from the simplification is not a constant. In other words, the ciphertext of this scheme will have a variable size. And this leads to a question: How large can the size be? I found it difficult searching for or understanding literature which discusses about this problem. Therefore, I try to run my own test again. I tried to compute both average case and worst case on small N (since I have to generate all combinations, it is already very large even for small N, e.g. 32). From my test, the growth of average size seems to be O(log N). For worst case, however, the size seems to be N/2. In my opinion, the problem is how often the size stays at O(log N). In real application, I think a good average bound is not enough, a good worst case bound is needed. Imagine when N = 10M, N/2 will be 5M and it results in a enormous ciphertext size.

丁重語 (特別形):

Monday, July 19, 2010

For unknown reason, Apple does not allow an iMac Monitor to go completely black via the brightness control. Furthermore, the energy saver setting does not allow an interval less than 1 min. These can be annoying that the monitor keeps switching on while some others are VNC+ing the machine. Although there is no official "solution" from Apple, there is some free utility programs which can do the job. For example, this can turn the iMac screen completely black and can be recovered with a hotkey combination.

Friday, July 2, 2010

By default one can use NSURLRequest and NSURLConnection to connect to a HTTP/HTTPS server. However, the iPhone OS may block the connection if the HTTPS server does not have a trusted certificate (e.g. a self-signed certificate is considered untrusted). After some Googling, here is one of the solutions: Adding the following two functions to the NSURLConnection delegate.

Monday, June 7, 2010

Package, class and function names in Java are specified by function name in C/C++

For all JNI wrapper functions, remember to add JNIEnv *env and jobject object to the front of the parameter list. They represent the environment pointer and the Java class object which calls this function.

Parameters are passed into wrapper functions by value. To the best of my knowledge, there is no way to pass in parameters by reference.

If the wrapper source is in cpp, remember to include all function prototypes in

Make use of include $(call all-subdir-makefiles) to make a recursive building hierarchy

While using variable LOCAL_STATIC_LIBRARIES, try putting the highest level libraries in the front to prevent linking error

In order tot check the output of stdout and stderr, you have to set by using adb (included in Android SDK), and then you can view them using ./adb logcat./adb shell stop ./adb shell setprop log.redirect-stdio true ./adb shell startUpdate: Stopping and starting the shell may cause the whole emulator hangs now. To redirect stdout/stderr, add "log.redirect-stdio=true" to /data/local.prop on the device (create one if the file does not exist) and restart the device

STL library is not included in NDK. If you need to use STL library in your NDK code, you have to use stlport

DO NOT create thread inside NDK

Directory /tmp DOES NOT exist in Android. I have tried to search for it for hours without any luck. According to what I found, applications should manage their own files (temp or non-temp) within the local filesystem sandbox on their own

There is a script to let you build a NDK toolchain since NDK revision 5

Linking with "-lpthread" is not required, including that will cause error

Discussion and Proof:

If x is a perfect square in $\mathbf{Z}^*_p$ and g is a generator of $\mathbf{Z}^*_p$, x can be written as $g^{2i} \mbox{ mod } p \mbox{ where } 1 \leq 2i \leq p-1$. As a result, $\mathbf{J}_p(x) = g^{\frac{2i(p-1)}{2}} = g^{i(p-1)} = 1 \mbox{ mod }p$

If x is not a perfect square in $\mathbf{Z}^*_p$ and g is a generator of $\mathbf{Z}^*_p$, x can be written as $g^{i} \mbox{ mod } p \mbox{ where } 1 \leq i \leq p-1$. Since i is odd, $\frac{i(p-1)}{2}$ is not an integer and $\mathbf{J}_p(x) = g^{\frac{i(p-1)}{2}} = \sqrt{1} = \pm{1}$. However, this does not quite match the definition. To continue the proof, we have to prove thatx is a perfect square in $\mathbf{Z}^*_p$ if and only if $x^{\frac{p-1}{2}} = 1 \mbox{ mod } p$:
$\Rightarrow$ Assume x is a perfect square in $\mathbf{Z}^*_p$, x can be written as $g^{2i} \mbox{ mod } p \mbox{ where } 1 \leq 2i \leq p-1$ and $\mathbf{J}_p(x) = g^{\frac{2i(p-1)}{2}} = g^{i(p-1)} = 1 \mbox{ mod }p$
$\Leftarrow$ Assume $x^{\frac{p-1}{2}} = 1 \mbox{ mod } p$. Since $x \in \mathbf{Z}^*_p$, x can be written as $g^{i} \mbox{ mod } p$ where $1 \leq i \leq p-1$. Since g is a generator of $\mathbf{Z}^*_p$, g has the order $(p-1)$. Only $g^{p-1} \equiv 1 \mbox{ mod } p$ and $g^i \not\equiv 1 \mbox{ for } i < p-1$. As a result, $(p-1)$ must divide $\frac{i(p-1)}{2}$ and so i is even and x is a perfect square in $\mathbf{Z}^*_p$
As a result, $\mathbf{J}_p(x) \neq 1$ if x is not a perfect square in $\mathbf{Z}^*_p$ and so $\mathbf{J}_p(x) = -1$

Friday, January 15, 2010

Introduction:

Modern cryptography concerns about infeasibility rather than impossibility. For example, an encryption scheme is said to be provably secure if the success probability of "breaking" by an adversary is negligibly small rather than zero. Theoretically, the probability is expressed as a probability function of a security parameter k, which is normally the cryptographic key length. Infeasiblity relies on that the success probability function to be a negligible function.

Definition:

A function $f$ is negligible if for every constant $c \geq 0$ there exists an integer $k_c$ such that $f(k) < k^{-c}$ for all $k \geq k_c$

Notes:

The above definition means that the function $f$ is bounded by any positive polynomial fraction. Since for any positive polynomial fraction $g(x)$, we can always find the smallest $c$ such that $k^{-c} \leq g(x)$ for all $k \geq k_c$. Here, by the meaning of $k \geq k_c$, we can also say that the condition holds for a sufficiently large k.

Tuesday, January 12, 2010

Broadcast encryption is a scheme which only allows qualified users to decrypt published content. Typically users are separated into subscribed users who have access to the content and unsubscribed users who do not have the access. Conventional broadcast encryption scheme uses a master secret key to encrypt the content which results in only a trusted designer of the system is allowed to produce encrypted content. This type of broadcast encryption is commonly used in Conditional Access System (CAS) such as Cable-TV.

More recently another type of broadcast encryption scheme called public key broadcast encryption was proposed which consists of a system-wide public key. With this public key, every user can produce encrypted content which only a subset of users can decrypt with their own private keys.

Monday, January 11, 2010

Purpose:

Apple intentionally restricts the access to certain functions of iPhone OS, such as accessing SMS database, by developers using the public SDK for some reasons. However, developing an application which accesses those functions is not impossible because only the header files of those functions are missing in the SDK (The framework in the SDK actually includes those functions). As a result, some developers use some tool to dump those "private headers" from the private framework. Using the dumped headers and the private framework in the SDK, one can develop iPhone application as powerful as Apple can.

Although including the private headers will be much more powerful than using the public header alone, there are other concerns while using private headers. First, there is nearly no information about using private header found on the web. You may be able to find simple tutorials which teach you how to setup a simple project, but to the best of our knowledge, no detailed information like the usage of each function is found (possibly due to the legal concerns of using private headers). In other words, it is like searching in a dark room while trying those headers. Second, since it is like breaking the restrictions set by Apple if you use private header in your application and Apple will examine every piece of application submitted to Apple store, an application which uses private header will certainly not be allowed to be legitimately signed and be published on Apple store. As a result, your application can only run on a jail-broken device.

Preliminaries:

(Here, we assume readers are using OSX and have installed the official iPhone SDK)
You need a tool called "class-dump-z" to dump the required headers from the private framework. Author has tried "class-dump" and "class-dump-x" but the dumped files are worst than the files dumped by "class-dump-z". However, it seems that "class-dump-z" crashes while running on OSX 10.5 Leopard. If you found it crashes on your OSX 10.5 machine, we suggest you try it on a OSX 10.6 machine (like we did, and it runs perfectly on it). Although "class-dump-z" gives us the best result among the tools we tried, the dumped headers cannot be used directly. Some naming conventions and paths must be fixed before using them. Those information can be found on web or by trial and error (mainly fixing the include header's path and name).

Installing Your Application on a Jail-broken Device:

After building your own application, you need to install your application on a (jail-broken) device. If you do not want to do it through Xcode, you may try an unofficial way. As suggested in this site, you can install your application on a jail-broken device via SSH (Sure you have to install OpenSSH package on your device first). The default root password of the jail-broken device is alpine.